lauantai 2. tammikuuta 2016

Free SSL sertificates from Letsencrypt

SSL sertificates have been too hard to get up and working. Addition to that, they mostly have been a bit costly.

Now there seems to be a working alternative. Letsencrypt offers an easy solution to fetch and use sertificates.

Here's an example what I did.

1. Get the scripts
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt

2. For getting the sertificate, you need to have either 80 or 443 port free to be used (for a moment only), this uses port 443
./letsencrypt-auto certonly --standalone -d uutispuro.fi -d www.uutispuro.fi --standalone-supported-challenges tls-sni-01

3. Add the following lines (altered to your domain of course) to your nginx conf
ssl_certificate /etc/letsencrypt/live/uutispuro.fi/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/uutispuro.fi/fullchain.pem;

See https://www.uutispuro.fi/en to see it in action :)

You do  need to update it periodically, every three months or so, but that is nothing else than doing the step 2. You can run it in crontab easily.

Ei kommentteja:

Lähetä kommentti

Huomaa: vain tämän blogin jäsen voi lisätä kommentin.